Bitcoin exchanges buckle under strain of phantom transactions

Mt. Gox, Bitstamp, and other Bitcoin exchanges have temporarily suspended withdrawal transactions after coming under a form of a denial-of-service attack that abuses weaknesses in the way they keep track of fund balances, a security expert said.

The attacks don't have any permanent effect on the central accounting mechanism for the digital currency, but they are likely the driving force behind a sharp decline in the bitcoin-to-dollar exchange rate over the past 48 hours. Since the attacks began on Monday, the price of one bitcoin on Mt. Gox has fallen from just below $700 to well below $540 at one point. It has see-sawed ever since and was at about $580 as this report was being prepared. Other exchanges showed similar fluctuations.

Andreas M. Antonopoulos, chief security officer of digital wallet developer Blockchain, said the attacks work by flooding exchanges with a large number of malformed transactions that are similar, but not identical, to legitimate transactions that were already made. Exchanges that trust one or more of the fake records instead of the entries in the official Bitcoin blockchain quickly fall out of sync with the rest of the network and must recalculate their fund balances once the mistakes become apparent. Malformed transactions aren't necessarily new, but over the past 48 hours their numbers have mushroomed, causing logjams that have prevented some exchanges from being able to process withdrawal requests.

"What makes it major is that malformed transactions are being injected at a far greater rate than we've ever seen before," Antonopoulos told Ars. "Whereas before this was a few transactions affecting Mt. Gox, now it's a lot of transactions affecting everyone."

Phantoms go viral

Antonopoulos likened the fake transactions attack to a crook photocopying a cash register receipt and using the duplicates to obtain store refunds for a previously purchased item. When only a few people carry out the scam, it's not likely to have any noticeable effect. If it's repeated often enough, however, it's bound to create a strain on the retailer's internal accounting system that takes time to reconcile.

"Whereas yesterday people were showing up at one store with these receipts, suddenly today it went viral," Antonopoulos explained. "And it's effectively like every retail store in the country is having lines of people showing up with photocopied receipts and [the stores] all have to think very carefully about how they're managing their refunds. And so they all say, 'Hang on—we're not going to process refunds for a day until we figure out what's going on here.'"

The attacks work because some exchanges rely on unconfirmed transaction records when adjusting balances or other items on their account ledgers. When an exchange relies on a record with a falsified cryptographic hash or identifier, it will encounter discrepancies once the legitimate transaction—or even another malformed record for the same transaction—is processed. There's little risk of funds being permanently lost, since balances will eventually be automatically reset based on records contained in the authoritative Bitcoin blockchain. Still, in the interim, the flood of phantom transactions can bog down systems and create backlogs that take time to work through.

The good news is that the integrity of the Bitcoin ledger is in no way compromised by the ongoing attacks. Bitcoin users may also be relieved to know that it's not hard for exchanges to update their systems to enable them to better withstand the attacks. Instead of relying on unconfirmed transaction records, Antonopoulos said, exchanges should trust transactions only after they have been entered into the official blockchain.

73 Reader Comments

When script kiddies can effect prices in an electronic currency like this its time to reconsider how you invest your money while increasing your electrical bills. Time to grow up....and stop wasting electricity.

Look at Hollywood and Bit Torrent. Nesxt up is banking and cryptocurrencies, We The People are doing it for ourselves now, and your idiotic pessimism will not stop us. Publicly operated currencies are still in their infancy, and will become easily more common than file sharing, simply because using money is a more common human action than media consumption. Would you like truly minimal transaction fees, good anonymity, high security, nation-less transactions, and the right to participate as an equal in the entire process, instead of just being a peon?

Time to grow up you say? Time to stop wasting electricity? Time you get your head out your ass, or die off like a dinosaur.

PS. I don't like perpetually assraped by the banksters, and don't mind trying to participate in creating a truly public alternative. I think that's a very extremely worthy investment, if you factor the cost of 2008. Thank you very much.

The fraudster withdraw one bitcoin for $500 and exchanges it to $500 in cash. Before the transaction goes through, the fraudster spoofs a malformed transaction. The ledger rejects it and the exchange resends the transaction. The fraudster gets another bitcoin and trades it for $500 cash.

Once the actual ledger with the transaction is created, the fraudulent withdrawal is found and can be unwound. The ledger is still accurate. Unfortunately, the fraudster has their $1000 and someone else is stuck holding that nonexistent bitcoin.

Now, that the method is known, ever single script kiddy is attempting to do this which is why we see this almost DOS attack taking place. Can this be stopped? It'll be interesting to see how it can be. The exchange can't say if a rejection is real or due to a spoof of a malformed transaction. The exchange would simply have to wait until they get a confirmation, and if a confirmation doesn't come after a particular amount of time (and that block of time will get longer and longer), assume that if they got a rejection, that the rejection was valid.

The problem is that until a transaction is actually on the ledger, there's no guarantee that a received rejection is real or a spoof. Nor, under the Bitcoin protocol, is there any reason that a bitcoin transaction must appear on the next ledger. A low or no-payment transaction can appear much later than it actually occurred.

This is a weakness with Bitcoin. I can be given a bitcoin, but until the transaction is actually posted, there's no guarantee that I actually got it. For example, I go into Store "A", spend a bitcoin, then go into Store "B" before the transaction is recorded and attempt to spend the same bitcoin again. Sooner or later, the ledger will show that I didn't have that bitcoin I spent in Store "B", and Store "B" is out a bitcoin. Meanwhile, I got my merchandise, and there's no way to track me down. A store could require ID to pay in bitcoins, but that sort of eliminates the anonymous like cash aspect of the whole thing. A store could make me wait until the transaction shows up (and if they pay a high enough fee, it could be within a few minutes), but if you have dozens of people in line at the register, it'll be hard to do.

I think you need to point out that the "Someone else" is always only possibly the exchange who implemented the incorrect software. The problem does not exist for normal users providing they wait long enough as they would never send another $500 to someone who told them they did not receive it.

The fraudster withdraw one bitcoin for $500 and exchanges it to $500 in cash. Before the transaction goes through, the fraudster spoofs a malformed transaction. The ledger rejects it and the exchange resends the transaction. The fraudster gets another bitcoin and trades it for $500 cash.

Once the actual ledger with the transaction is created, the fraudulent withdrawal is found and can be unwound. The ledger is still accurate. Unfortunately, the fraudster has their $1000 and someone else is stuck holding that nonexistent bitcoin.

That would be a direct effect. But these statements in the article:

Quote:

There's little risk of funds being permanently lost

Quote:

The good news is that the integrity of the Bitcoin ledger is in no way compromised by the ongoing attacks.

gave me the impression that that did not take place. Otherwise those statements are pretty misleading, since nobody cares whether on a global scale bitcoins are permanently lost or not; what a person cares about is whether their (or their bank's) bitcoins are lost.

I don't understand how to keep Bitcoins secure, or more accurately in this case, how to keep my Bitcoin transactions secure.

You don't.

Who owns how many bitcoins is defined by the audit trail, aka the block chain. It starts with something like "Mr X mined himself some bitcoins" - the inaugural bitcoin. It contains a public key Mr X created. This continued for a while, then one day Mr X transferred some bitcoins to Mr Y (presumably in exchange for something else). This transaction was signed by Mr X's private key, and contained Mr Y's public key. It became "real" when it was recorded in the public bitcoin audit trail.

The people who create the audit trail only allowed Mr X to do that because they could see from the audit trail that Mr X still owns some bitcoins, and he proved it was him spending them by signing the transaction with his private key. Once the audit trail shows Mr X has spent all his bitcoins the people who create the audit trail won't let him spend any more.

So you see Mr X and Mr Y never really store any bitcoins, or bitcoin transactions. In fact even the term "bitcoin" is a misnomer - because there are no bitcoins really. There is only an audit trail, and if you go over the entire history of it you can tally how much of a 52 bit number each participant owns.

The job of keeping bitcoins and the transactions secure belongs to the audit trail, not you, and thus my answer "you don't" above. It is not unlike your bank really. It's is the banks job to keep track of which part of it's huge pool of funds you own - which is exactly what the bitcoin audit trail does. And just as the bank controls the statements it issues to you, bitcoin controls, stores, owns and protects it's audit tail. And just like the bank, you use a password to prove you own those funds the audit trail says you have. The only difference is that password is used to encrypt the private keys you used to sign the bitcoin transactions. The password and encrypted key is what you have to protect, and it is just a a bit over 1 KiB of data.

It could not be much simpler really. Except I've skipped the whole part about how the audit trail / block chain is created, and who has control of it.

But what happens there is also simple, in concept. A whole pile of people put their hand up to volunteer to create the next part of the audit trail - ie the next block in the chain. They volunteer by attempting to solve a puzzle. Anyone can volunteer - literally. There are no rules about who is accepted, because the only condition is you must be first to solve the puzzle, so you could start tomorrow. The first person to solve to the puzzle wins. The puzzle is designed so that your chances of winning are directly proportional to the amount of effort (computing power) you put into it, but otherwise it is completely random. The difficulty of the puzzle is altered so for each round (base on how long it took to solve the past few rounds) so that on average it takes 10 minutes for someone to solve it. Think of it as internet Bingo, with a new round starting every 10 minutes, roughly.

So unlike your bank, no one entity could be said to own or control the bitcoin audit trail. Instead it is owned and controlled by a whole bunch of self selecting volunteers. No matter how you think about it, that such an arrangement could safely control what is now billions of dollars is truly bizarre.

So why would someone volunteer to solve these puzzles? Because there is a reward, of course. Part of that reward is some bitcoins that are automagically created by the bitcoin algorithm. This solving puzzles in order to win that reward is what is called "mining", and is how the inaugural bitcoin was created. In fact, it is how every bitcoin is created. Thus Mr X, mentioned above, was a miner. But the mining reward is diminishing over time, and will disappear entirely in a few years. The other reward is people submitting their transactions for inclusion in the audit trail are expected to offer a tip. They get to determine the size and it could be 0, but if it is too low some volunteers might not include their transaction in audit block they are attempting to create. Until someone does pick up their transaction and goes onto win the puzzle competition, it is as if their transaction never happened.

The only remaining detail is what happens if several volunteers solve the puzzle at once. We have two possible "audit trails" if that happens. The answer is in order to create the next audit block, you have to nominate which of those two you will use. If you choose the wrong one all your work is for nought. Thus there is a big incentive to choose the one everybody else chose, because that is the one that will most likely be solved first (remembering he who solves first wins). This is essentially the magic of bitcoin. It forces everyone to come to a consensus, while at the same time allowing no one to dominate the consensus making process. If this ever fails for some reason bitcoin will fail.

There remains one question. If you accept the heart of bitcoin is really a just a bunch of laws everybody agrees to follow, then who controls the laws? The answer is initially the inventor of bitcoin did, and he expressed them by writing the first bitcoin server. So essentially these rules are laws inscribed with software. As such, bitcoin is the first instance of a large bunch of people agreeing to abide by a bunch of laws written in software rather than natural language.

But these laws aren't static - they have changed. So how did that happen? If you change the laws, you change bitcoin. But if you change the bitcoin protocol, your new bitcoin transactions and audit trail blocks won't be accepted by the old bitcoin network, so you are on your lonesome. This is effectively the same as the two competing audit trails created when two volunteers solve the puzzle at the same time, except if only you change the protocol only you will be working on your version of the block chain, so you will always lose. The only way it can work is the majority of volunteers all agree to use the new protocol, at the same time. Then they win and everybody who didn't agree loses. That is a political process of course, typically involving changing the source code, publishing it, engaging in lots of lots of discussions, then releasing it on D-Day and hope everybody votes on it in your favour by using your new rules. Again, amazingly, it is a democratic process inherit in the protocol design, where all the participants are forced to a single consensus but no one can dominate it.

Thus ends bitcoin 101. It isn't rocket science that some make it out to be. It is in fact something much more than that - a beautiful combination of human social interaction guided by laws that can be expressed in pure mathematics.

Since apparently the attackers don't make any money with this, do any of these exchanges have an explanation for why these attacks take place? The article is strangely quiet on that point.

Why is that "apparent"?

I think he means they don't directly make money from the attacks. I have outlined how they indirectly make the money.

Yes, I meant directly. The article quotes an analogy with photocopied store receipts, but if no store actually gave you money in return for a false receipt, then why would you keep trying? It is repeatedly stated that no false transaction receipts result in transfered money.

Manipulating the price of bitcoins, as mrlm suggested, is certainly possible, since the attacks seem to have an effect on the price. But how reliable would that be? Apparently the price of bitcoins went down due to the attacks, but when Silk Road customers start hurting for their next fix, shouldn't they drive up the price instead?

You don't get that is the crux of it? Depression of prices in the moment, at which point you buy trusting that price will rebound when you stop attacking. Buy low, sell high.

Not without risk, of course. If you buy but don't stop before you break the longer-term consensus of confidence in what is effectively solely a good will valued asset your money you just sunk in at what you assumed was a "low" price is a sunk cost because now it becomes an even lower price.

Still, because you control the initial instigation, you've got a whole lot more information than others.

You mitigate that risk of not having anyone to sell the BTC to at a higher price than the dip by utilizing the service mentioned further above to "short sell", which is a promise to sell the BTC at some time in the [near] future at a guaranteed price lower than current market price. You short sell, then start your attack to drive the price down below the price you promised to sell BTC at in the future. But that does trade off for the risk that you're scripts are impotent and don't manage to manipulate the price.

EDIT: Note that whether or not this actually was the motivation is only speculation given lack of [public] evidence of who did this and who may have profited. Right now the world of BTC is total Wild West territory. There isn't any sort of authority or oversight of tracking these trades, such as in more establish banking systems (like the SEC in the US) to try ferret out such manipulations much less with prevue to met out curbing of it.

I don't understand how to keep Bitcoins secure, or more accurately in this case, how to keep my Bitcoin transactions secure.

You don't.

I think you missed his meaning.

You cryptographically protect the private key of your wallet. Without this private key no one can spend your bitcoins. You only unlock your wallet to perform certain functions and outgoing transactions but not to receive money. You receive money when it goes on the ledger/blockchain but if you ever lost your wallet you couldn't spend it.... A good analogy is PGP.

Tyler X. Durden - good point I completely forgot about short selling for a while.

Anyone who is "DDOSing" these exchanges will probably have their accounts frozen immediately and any further access blocked, so I don't see why the exchanges can't get a handle on this fairly quickly. I don't think an outside party can cause this, only a logged in user who initiates a withdrawal.

This is not a problem with bitcoin, but with how the exchanges(and some private wallets) look as transaction id's instead of the blockchain. They shouldn't have to freeze withdrawals, just not re-send any disputed withdrawals until they are fully investigated. They should also add to the TOS that this type of behavior will cause forfeiture of all deposits.

I think that Bitcoin may have grown too fast. It would be hard to replace it with something new that fixes many of the problems uncovered so far, simply because of the inertia and real world currency support bitcoin has. It may be possible by convincing the mining pools to support only a new fork(keeping the blockchain) and dropping the old clients

To be fair to Bitcoin, a big part of the reason its value is so malleable is that Bitcoin's not really "big" (widespread) in comparison to more traditional currencies. Look at the way the value of stocks fluctuates in response to every piece of bad news; Bitcoin is behaving more like that than USD or the Euro.

I still have more faith in the long-term value of Bitcoin than I do in ZNGA. (Full disclosure: I own neither.)

Gold is pretty widespread...tons of people own pieces of gold, and yet the value of gold is always fluctuating. I think the value of Bitcoin will always be fluctuating like a commodity rather then a currency because it has more in common with a commodity then it does with a currency.

Or is it the value of the fiat currency you are using to purchase gold that is fluctuating based on other market forces?

That is an enormous assumption, given that Silk Road 1 was the largest "real product" Bitcoin transacting site in the world (by real trade I mean trading Bitcoins for products, not trading or speculating on Bitcoin itself). I doubt that the users stopped buying drugs, and, as far as has been reported, several of the alternatives that sprung up have now closed, so what evidence is there that Silk Road 2 is no longer significant? Assuming that sales are similar to SR1, it would still have the largest Bitcoin volume being traded for an actual product.

I understood the issues revolved in a fault in the way transactions were implemented at various exchanges more than a bug with Bitcoin itself. I took that as storing $$$ in a bank that has faulty locks on its vault... ...yes paper money is easy to steal, burn or smoke but there should be some trust in where it is being kept itself.

The same Antonopoulo from this article is also quoted as saying why Mt. Gox is so affected:

Mt. Gox is the exchange that has suffered the most over the past few days, due to a number of factors, said Antonopoulos. One problem is that it was using a custom client (not the core Bitcoin software), on top of that there is the DDoS attack, plus it was using an automated system to approve withdrawals.

“This is not happening to other exchanges because they’re not stupid enough to issue withdrawals without checking them out first,” he explained.link

Doesn't this also give us some confidence in the currency? With all the malformed transactions and strain on the system, in the end the balance is protected? I'd think it there was an inherent vulnerability we'd see something far more insidious.

A balance of anything isn't worth much if you can't access it when needed.

... I think that Bitcoin may have grown too fast. It would be hard to replace it with something new that fixes many of the problems uncovered so far, simply because of the inertia and real world currency support bitcoin has.

A replacement solution is no solution because it introduces the possibility of entirely new and undiscovered problems of its own. The "problems" that are currently being uncovered are new, how will a new invention fix the new problems it would encounter in the future?

Bitcoin is demonstrating thus far the resiliency of its basic functioning and the ability to persist through the problems that are manifesting. These problems are inevitable attacks. Despite the short-term scare that these attacks provoke in the long-term they add to the credibility and robustness of Bitcoin as a demonstrated protocol that remains fundamentally sound.

To be fair to Bitcoin, a big part of the reason its value is so malleable is that Bitcoin's not really "big" (widespread) in comparison to more traditional currencies. Look at the way the value of stocks fluctuates in response to every piece of bad news; Bitcoin is behaving more like that than USD or the Euro.

I still have more faith in the long-term value of Bitcoin than I do in ZNGA. (Full disclosure: I own neither.)

Gold is pretty widespread...tons of people own pieces of gold, and yet the value of gold is always fluctuating. I think the value of Bitcoin will always be fluctuating like a commodity rather then a currency because it has more in common with a commodity then it does with a currency.

Tons of people own gold but they own it as jewelry or incorporated in another electronic product. Its not investment for them.

When script kiddies can effect prices in an electronic currency like this its time to reconsider how you invest your money while increasing your electrical bills. Time to grow up....and stop wasting electricity.

Look at Hollywood and Bit Torrent. Nesxt up is banking and cryptocurrencies, We The People are doing it for ourselves now, and your idiotic pessimism will not stop us. Publicly operated currencies are still in their infancy, and will become easily more common than file sharing, simply because using money is a more common human action than media consumption. Would you like truly minimal transaction fees, good anonymity, high security, nation-less transactions, and the right to participate as an equal in the entire process, instead of just being a peon?

Time to grow up you say? Time to stop wasting electricity? Time you get your head out your ass, or die off like a dinosaur.

PS. I don't like perpetually assraped by the banksters, and don't mind trying to participate in creating a truly public alternative. I think that's a very extremely worthy investment, if you factor the cost of 2008. Thank you very much.

Yeah when it cost you thousands if not tens of thousands of dollars to mine bitcoin it really is we the people. Never mind the hundreds of extra dollars in electricity a month we the people.

We the people actually like to have insurance on our transactions that is why we have credit cards. Yes it cost a little bit more for a transaction but again its insurance and a small price to pay for piece of mind.

Gold is pretty widespread...tons of people own pieces of gold, and yet the value of gold is always fluctuating. I think the value of Bitcoin will always be fluctuating like a commodity rather then a currency because it has more in common with a commodity then it does with a currency.

The usefulness of the bitcoin *network* in making payments gradually improves over time. However the currency unit inside the network, which is how transactions and balances are tracked internally, will vary in exchange rate constantly. The exchange rate is set by supply and demand for the currency units on a constant basis. So a change in supply, or change in demand, or both at once, will affect the price. That's simple economics.

If the overall number of bitcoin users keeps going up, that's a long term increase in demand, against a relatively stable total supply of units. But in the short term (days or weeks) the supply and demand can fluctuate all over the place. Only the coins being offered for sale *that day* and the users wanting to buy *that day* determine that day's exchange rate.

I mean seriously - what sane person would ever put money that they actually worked for into this crap?

Well, Bloomberg, the financial data and news company, invested in a bitcoin startup (Coinbase). Several respected venture capital companies (Andreessen-Horowitz and Union Square Ventures), not known for being financial morons, have also invested.

The fraudster withdraw one bitcoin for $500 and exchanges it to $500 in cash. Before the transaction goes through, the fraudster spoofs a malformed transaction. The ledger rejects it and the exchange resends the transaction. The fraudster gets another bitcoin and trades it for $500 cash.

Once the actual ledger with the transaction is created, the fraudulent withdrawal is found and can be unwound. The ledger is still accurate. Unfortunately, the fraudster has their $1000 and someone else is stuck holding that nonexistent bitcoin.

That would be a direct effect. But these statements in the article:

Quote:

There's little risk of funds being permanently lost

Quote:

The good news is that the integrity of the Bitcoin ledger is in no way compromised by the ongoing attacks.

gave me the impression that that did not take place. Otherwise those statements are pretty misleading, since nobody cares whether on a global scale bitcoins are permanently lost or not; what a person cares about is whether their (or their bank's) bitcoins are lost.

. . . and therein lies the problem, or one of the problems, with bitcoins: the selfish, short-sighted, socially stunted, hacker mentality of the people involved with them.

When script kiddies can effect prices in an electronic currency like this its time to reconsider how you invest your money while increasing your electrical bills. Time to grow up....and stop wasting electricity.

. . . Would you like truly minimal transaction fees, good anonymity, high security, nation-less transactions, and the right to participate as an equal in the entire process, instead of just being a peon?

Time to grow up you say? Time to stop wasting electricity? Time you get your head out your ass, or die off like a dinosaur.

PS. I don't like perpetually assraped by the banksters, and don't mind trying to participate in creating a truly public alternative. I think that's a very extremely worthy investment, if you factor the cost of 2008. Thank you very much.

High security, minimal transaction fees, and the right to participate as an equal in the entire process . . . yeah right. Keep on dreaming.

An "extremely worthy investment" ? Right, especially for the people who bought bitcoins for $700 two days ago and they're worth $540 today.

It's amazing that Bitcoin is touted as these things, yet everyone involved with them seems to be in it for the wild speculation, hacking, and basically scamming money off other people's transactions.

The idea of an inflation-proof, low-transaction fee, "honest" currency that would make our financial system itself more honest is a noble one. But this sure as hell ain't it, folks.

It is ironic that everyone who is into Bitcoin seems to be a player, wild speculator, hacker and the like, basicially aiming to make money on other people's transactions and the work or assets of other people that have been converted to this fantasy currency. Not to mention using Bitcoins for the illegal activity that seems to be so commonly alluded to here.

Many people here are very good with computers, programming and the internet. I would like to suggest that you put your talents into making an "honest" internet, hack-proofing and virus-proofing things so that we don't have to worry and be victimized by all this back-door, malware-infested, corrupt nonsense that is relentlessly poisoning the internet and our computer systems. It's like the wild west.

I mean seriously - what sane person would ever put money that they actually worked for into this crap?

Well, Bloomberg, the financial data and news company, invested in a bitcoin startup (Coinbase). Several respected venture capital companies (Andreessen-Horowitz and Union Square Ventures), not known for being financial morons, have also invested.

Venture capital companies have invested in Bitcoin, eh? And they're doing this for the social good, not hoping to make any profits off bitcoin from their investments in it? They want to give the world a uniform, inflation-proof currency that can't be manipulated? All for the benefit of the common man. How wonderful that they've come around to this.

On Monday, Mt. Gox was among the first exchanges to temporarily prevent customers from making withdrawals. The Japan-based firm cited a "bug in the bitcoin software" and said it was working with the Bitcoin core development team and others to resolve the problem.

There were dozens of comments on Cyris' article (which you linked) clearly stating how that "bug in the bitcoin software" line is bullsh!t.

The bug isn't in "the bitcoing software" at all; the bug is in the fact that Mt. Gox has implemented *their own software* to not require full blockchain confirmation before processing their transactions.

This has been a widely known mistake for years. Technically, the bitcoin protocol allows people to use bitcoin this way, but it is well know to NOT BE BEST PRACTICE.

Mt. Gox is trying to make it sound like the problem isn't entirely their fault, when it is. Please don't just blatantly repeat their PR statements. Doing so is letting them (even helping them) get away with their blame-shifting deception.

Doesn't this also give us some confidence in the currency? With all the malformed transactions and strain on the system, in the end the balance is protected? I'd think it there was an inherent vulnerability we'd see something far more insidious.

I'm glad the "balance" is protected, but in the mean time, your money lost 20-30% of its value, and you have limitations on transactions.

My dollars don't lose their value just because someone deposits millions of dollars in fake money in my bank.

On the other side, maybe its time for me to pick up some bitcoins and make a huge profit, because the price will end up going back up to 700 or 800. Who isn't up for a 30% profit in a few days?

A replacement solution is no solution because it introduces the possibility of entirely new and undiscovered problems of its own. The "problems" that are currently being uncovered are new, how will a new invention fix the new problems it would encounter in the future?

Bitcoin is demonstrating thus far the resiliency of its basic functioning and the ability to persist through the problems that are manifesting. These problems are inevitable attacks. Despite the short-term scare that these attacks provoke in the long-term they add to the credibility and robustness of Bitcoin as a demonstrated protocol that remains fundamentally sound.

~~~ astimony

I was referring to an evolution of bitcoin, built by the same people, say bitcoin 2.0 I'm sure there are several things the creators did not foresee that we have learned as the network has grown in popularity. I think the size of the blockchain and the suitability of ASICs for the computation may be two.

I mean seriously - what sane person would ever put money that they actually worked for into this crap?

Well, Bloomberg, the financial data and news company, invested in a bitcoin startup (Coinbase). Several respected venture capital companies (Andreessen-Horowitz and Union Square Ventures), not known for being financial morons, have also invested.

Hate to be the one to tell you, but the three organizations you mentioned are gambling. Making gambles is their business. If I was drunk and had the dice in my hand I might put $100 of winnings onto a bet like this, but never would I risk capital that came from the sweat of my brow.